Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
HSTS Browser Preloading Check ( Like SSL Labs ) #1248
Would be awesome if we could add an API check to see if a site is in preloaded in browsers.
API is available here: https://hstspreload.org
Which should return:
The 'status' entry can have values "unknown" which we can take as not preloaded, "pending" meaning its being processed and "preloaded" which obviously means its preloaded.
As for the 'bulk' entry, on my own domain, it was false for a while, and doing an SSL Labs check it returned as only in Chrome. However today I checked and the 'bulk' entry showed true, and SSL Labs shows its preloaded into Firefox, IE and Edge as well as Chrome. So I'm willing to bet thats what 'bulk' means.
This shouldn't be a difficult addition to the great test that is testssl :)